package cn.tom.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;

//授权服务器
@Configuration      //实例化装配到IOC容器
@EnableWebSecurity  //过滤器
public class MyWebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired  //从ioc容器获取UserDetailsService的Bean
    UserDetailsService myUserDetailsService;  //loadUserByUsername


    /**
     * 密码比对器
     *
     * @return
     * @throws Exception
     */
    // @Bean//ouath2 client_id client_secret
    @Bean("authenticationManagerBean")
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }


    @Override
    public void configure(WebSecurity web) throws Exception {
        super.configure(web);
    }


    /**
     * 登录权限
     * 在SpringSecurity 登录移到MyResourceServerConfig 权限移到QqAuth2ServerConfig
     *
     * @param http
     * @throws Exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.requestMatchers()
                .antMatchers("/login", "/oauteh/authorize")  //放行登录路径
                .and()
                .authorizeRequests()
                .anyRequest().authenticated()
                .and()
                .formLogin().permitAll();
    }
}